add password change route

This commit is contained in:
Arthur Lu 2023-11-09 18:57:52 +00:00
parent 3668cb0445
commit 0c7b0309c7
3 changed files with 35 additions and 0 deletions

View File

@ -1,4 +1,12 @@
{ {
"static": {
"types": {
"auth": {
"pve": "pve",
"ldap": "ldap"
}
}
},
"global": { "global": {
"application": { "application": {
"pveAPI": "https://pve.mydomain.example/api2/json", "pveAPI": "https://pve.mydomain.example/api2/json",

View File

@ -34,6 +34,10 @@ class LocalDB {
writeFileSync(this.#path, JSON.stringify(this.#data)); writeFileSync(this.#path, JSON.stringify(this.#data));
} }
getStatic () {
return this.#data.static;
}
getGlobal () { getGlobal () {
return this.#data.global; return this.#data.global;
} }

View File

@ -1,9 +1,11 @@
import { Router } from "express"; import { Router } from "express";
export const router = Router({ mergeParams: true }); ; export const router = Router({ mergeParams: true }); ;
const db = global.db;
const domain = global.db.domain; const domain = global.db.domain;
const checkAuth = global.utils.checkAuth; const checkAuth = global.utils.checkAuth;
const requestPVE = global.pve.requestPVE; const requestPVE = global.pve.requestPVE;
const pveAPIToken = global.db.pveAPIToken;
/** /**
* GET - check authentication * GET - check authentication
@ -59,3 +61,24 @@ router.delete("/ticket", async (req, res) => {
res.cookie("auth", 0, { domain, path: "/", expires: expire }); res.cookie("auth", 0, { domain, path: "/", expires: expire });
res.status(200).send({ auth: false }); res.status(200).send({ auth: false });
}); });
router.post("/password", async (req, res) => {
const params = {
password: req.body.password,
userid: req.cookies.username
};
const useridparsed = params.userid.split("@");
const realmName = useridparsed[useridparsed.length - 1];
const domains = (await requestPVE(`/access/domains`, "GET", pveAPIToken)).data.data;
const realm = domains.find((e) => e.realm === realmName);
const type = realm.type;
const types = db.getStatic().types.auth;
if (types[type] === "pve") {
const response = await requestPVE("/access/password", "PUT", {cookies: req.cookies}, JSON.stringify(params));
res.status(response.status).send(response.data)
}
else {
res.status(501).send({error: `Auth type ${type} not implemented yet.`})
}
});